Fwd: [Openswan Users] IPsec SA established but no l2tp

Rui Sampaio rui.csas at gmail.com
Fri Jan 7 00:15:00 CET 2005

> I had to enable IPSEC passthrought and add "nat_traversal=yes" to make
> the ipsec connection

These are mutually exclusive. I never tested IPsec passthrough with
L2TP/IPsec. I suggest you disable IPsec passthrough on your router,
if it is possible.

I've disabled IPsec passthrought,

>         left=
>         leftsubnet=

Hm, this leftsubnet is because of the server-side NAT, right?

I don't understant myself very well. is the IPsec server's IP is my external IP, assigned to the router

I've put the subnet line because I got this error:

cannot respond to IPsec SA request because no connection is known for

> ip range =
> local ip =

Your external interface cannot be in the
same subnet as 'ip range'. Change either one to something else.

My external interface (router)  is not on same subnet it's IP is

After this, if I change the leftsubnet I get the error above. If not
l2tp still doesn't work

More information about the Users mailing list